This page (revision-3) was last changed on 29-Nov-2024 16:16 by -jim

This page was created on 29-Nov-2024 16:16 by unknown

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note
3 29-Nov-2024 16:16 2 KB -jim to previous
2 29-Nov-2024 16:16 3 KB -jim to previous | to last
1 29-Nov-2024 16:16 1 KB unknown to last

Page References

Incoming links Outgoing links
WebAuthn Authenticator
WebAuthn Authenticator

Version management

Difference between version and

At line 5 changed one line
is an [Authenticator] and a [cryptographic] [entity] used by a [WebAuthn Client] to:
[{$pagename}] is a [device] that creates and stores user [credentials]. In a [password-based] authentication, the credentials (the [passwords]) are stored in the user's brain. In a [WebAuthN] scenario, the credentials are stored on a device. An authenticator can be a separate physical device, like a key fob connected to your computer via [USB], [Bluetooth], or [NFC]. It can also be embedded into the [Operating System], e.g., [Windows Hello], or into a [User-agent]. An authenticator can use interfaces to [fingerprint] readers or [facial recognition] sensors to confirm user credentials.
Previously, the only authenticators compatible with this specification were dedicated key fobs, which users had to acquire themselves. Such a solution was sufficient for the needs of corporations and security-savvy individuals.
[FIDO2] compatible [{$pagename}] are built into [Operating System] and [Mobile Devices]. Thus, you can use your mobile phone as a [{$pagename}]. The phone will use security features available on the device to protect your credentials. This could be a PIN to unlock the phone, or data from the [fingerprint] reader. Most modern [Browsers] are now compatible with [WebAuthN] and offer built-in [{$pagename}]s that can communicate with the [Operating System] to authorize a user.
An important feature of an [{$pagename}] is that it connects with the client without using the [Internet] using the [Client To Authenticator Protocol]. You can use your [Mobile Device] as an [{$pagename}] to log in to a website opened on your laptop, but the phone has to connect to your computer via Bluetooth (Bluetooth Low Energy, to be exact). This prevents any [Man-In-The-Middle] attacks on the data exchanged between the [WebAuthn Client] and [{$pagename}]. Thanks to this, the client can be sure it really communicates with the authenticator and that the data has not been tampered with.
[{$pagename}] is an [Authenticator] and a [cryptographic] [entity] used by a [WebAuthn Client] to:
This page (revision-3) was last changed on 29-Nov-2024 16:16 by -jimTop